Archive

Happy New Year to everyone! Wish you all the best for this year, but most importantly, I wish you to be healthy and around your families! Also, stay safe!

Maybe for some of you Santa was kind enough and brought you new electronic devices such as a new laptop, desktop, iPad, tablet or smartphone. That sounds exciting, but have you thought what are you going to do with your old electronic device? Giving it away to charity? Selling it on a classified website, or giving it to a family member or friend? In any of these cases you should first be sure that you are not involuntarily sharring your private info and data. For this reason, E-Crime Expert presents again today some tips on how to remove this personal data from your old electronic device before being given away.

Please watch this video tutorial here:

More details are provided bellow:

A large volume of electronic data is stored on computer systems and electronic media. Much of this data consists of confidential and sensitive information, including patient records, financial data, personnel records, and research information.

If you are with a company or organization that accepts donations or properly dismantles computers, electronics, or hard drives, take them there.

If you have a computer or computer equipment that you believe is beyond repair or is too old to be useful take it to a dismantling centre.

Many computer manufacturers and computer hardware manufactures also have their own recycling or trade in programs. When you buy a new computer you could perhaps trade in the old one.

All computer systems, electronic devices and electronic media should be properly cleared of sensitive data and software before being transferred from you to another seller or dismantling centre.

Computer hard drives should be cleared by using software and then be physically destroyed. Non-rewritable media, such as CDs or non-usable hard drives, should be physically destroyed (ie. scratched, broken into pieces).

Try to destroy or dismantle you hard drive, external hard drive, printer, fax, cell phone, computer, camera, web camera, GPS, laptop because all these devices have internal memory where sensitive data is still stocked even if properly deleted manually or with a software.

When you sell an old laptop or PC, try first to “format” your device and reinstall the operating system- If you are not able to do this, at least try to DELETE:

All your photos, videos, music files, located on the following folders: Desktop or My Documents, My Music, My videos (Movies),

Sync Services folder used for cloud computing or to sync with other devices

Address book

Note: these folders are available on a MacBook Pro device (with Snow Leopard OS), the order or name of the folders may differ from computer to computer or from one operating system to another. But the principle is the same.

When you sell your used cellular phone try to do a “factory data reset” and all the information and personal settings will be removed. This is mandatory when you sell your used device.

Step 1: go to settings

Step 2: select SD&phone storage

Step 3: select Factory data reset

This should reset all your information on your phone.

Note: these folders are available on HTC Desire running on Android version 2.2.

The convenience of using smart phones and their available applications is unquestionable. Who does not like to have weather updates, points of interest such as gas stations, restaurants, and businesses, available on his phone one click away? This information is delivered through Location-Based Services supported by the new smart phones and their software.

Location-Based Services can be delivered by means of wireless systems and the unique identification of communication devices combined with location data.

On your smart phone a feature is available to activate your “location” through the network provider. Also, that feature could be deactivated. The big players on the market such Android (Google) or OS (Apple) of course conform with the existing regulations regarding LBS and they follow the Data Protection and Privacy stipulations regarding their default applications installed on your device or available on their online application stores.

Third-party applications are available on those online application stores in which case not all of them could be checked, or at least checked in time, before being removed.

How it works:

– on the devices powered by the Android system from Google, you have a disclaimer where it says: this application has access to your contacts, messages, emails, etc, please be careful when installing or using it. You have the choice of uninstalling it, but most users will not reject the latest application from the “Market” which make facebook, twitter or skype available on their phone.

Please see here some examples (from a HTC Desire handset running on Android version 2.2) on how third-party applications access your most sensitive data, contacts full details, can make automatic changes on your device or even worst, can access your login, passwords information as shown in the first pictures:

Fig. 1 (retrive full contact data and use authentication credentials):

These applications may make your life easier by providing voice-to-text, reading an email, writing an email or identifying the phone’s location (for providing weather forecast or the closest points of interests), but in reality some third-party applications get full access to your portable device and to your data whether it is: personal contacts, emails, user names, passwords, or credit card numbers. Furthermore, the application could be delivered under a friendly name and shinny interface, but inside it could run a malware or a virus or anything else capable to read, record and transmit your data or your location which is available through your active Location Based services or through your Network Based Services (provided by your phone carrier). For example, your position reads that you are on the French Riviera and your house in Brussels is unattended, this would be a great opportunity for someone (who knows where you live) to brake into and “clean” your house from goods. even more, one can access your financial information and clone a credit card, make online transaction on your expense, use your login/password information to access private accounts (email, work, home accounts) and have access to your full contact list (with identification details, email addresses, phone numbers and any other sensitive information).

With Apple’s OS, they don’t have these disclaimers to warn you that a third party application has access to your all confidential data, which is wrong as a user has the right to know if any potential dangers could arise from getting a new application and make the decision as to whether to use it or not.

According to SMobile, 20 percent of applications that let third parties access private or sensitive information, 5 percent of applications have the ability to place a call to any number, and 2 percent of applications can send an SMS to an unknown premium number (that has higher charges for contacting), in both cases without user involvement.

With Android’s security model, it requires that applications declare the permissions they will be using prior to installation by the user. An informed user can use these declarations to decide if they want to install an application or not, according to SMobile. However, the fact remains that there is no means available for a user to know for sure that the application they just downloaded is doing only what the user sees it doing, and especially for the average user who doesn’t have knowledge about thess new technological developments, could bring both, positive or negative experiences. The most important is that nowadays it is an increasing number of children and teenagers that use these devices. In my opinion, the risks applying to them are even higher as those children have a bigger friends’ circle where they exchange information, applications and also because they may not fully understand and perceive those risks. In this case, they can easily become a target for identity theft, child pornography, grooming and financial frauds.

How to prevent this vulnerability?

The best prevention is to not blindly use them, check reviews first and learn how to use it.

Watch a particular application on the provider’s platform for a while to see if that is legitimated and how user rate it.

Download and use an Antivirus for you mobile device, available on the Android “Market“.

Also there are available antivirus solutions for Apple OS using Trend Micro.

If you are a parent, make your decision wisely whether you child need or not a smart phone when he/she is in grade four for example.

If you decide that your child needs a smart phone, then try help him/her adjust the security/privacy settings and check what applications they would download on their devices.

Check E-Crime Expert blog and website, to see the latest privacy vulnerabilities and internet crimes trends.

The big players on the smart phone and media providing market have the responsibility to educate users how to use these new services, smart devices, and interactive applications because they run their businesses because of these users who use and buy their products and services. So ask your provider.